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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings of claims in the 
application: 

LISTING OF CLAIMS 

1-2. (Canceled) 

3. (Currently Amended) An intelligent identification card comprising: 

an on-board memory for storing reference data; dat% 
an on-board sensor for capturing live biometric data; dat% 
an on-board microprocessor for comparing the captured biometric data with 
corresponding stored reference data within a predetermined threshold and for generating 
a verification message only if there is a match within a predetermined threshold; 
thr e shold, and 

an interface m e ans for communicating the verification message to an external 
network, n e twork. 

wherein the verification message includes at least excerpts from the stored 
reference data, and 

wherein the verification message includes at least excerpts from the captured 
biometric data. 

* 

4. (Previously Presented) The identification card of claim 3 wherein the verification 
message is transmitted to a remote authentication system for additional verification. 
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5. (Previously Presented) The identification card of claim 4 wherein the remote 
authentication system includes remotely stored reference data that is different from the 
locally stored reference data. 

6. (Previously Presented) The identification card of claim 4 wherein the on-board 
microprocessor uses a different matching algorithm than that used at the remote 
authentication system. 

7-8. (Cancelled) 

9. (Previously Presented) The identification card of claim 3 wherein the card is ISO 
SmartCard compatible. 

10. (Currently Amended) The identification card of claim 9 furth e r comprising claim 9, 
wherein said on-board processor is a security processor for storing and processing the 
protected biometric data, and wherein said identification card further comprises an ISO 
SmartCard processor. 

1 1 . (Currently Amended) The identification card of claim 10 wherein the a security 
processor us e d for storing and proc e ssing th e protected biomotric data is functionally 
separated from the ISO SmartCard processor by a firewall. 
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12. (Previously Presented) The identification card of claim 10 wherein all external data 
to and from the security processor passes through the ISO SmartCard processor. 

13. (Previously Presented) The identification card of claim 10 wherein all external data 
to and from the ISO SmartCard processor passes through the security processor. 

14. (Previously Presented) The identification card of claim 10 wherein the security 
processor has a first connection used for loading data during a loading process and a 
second connection connected to an external network. 

15. (Previously Presented) The identification card of claim 14 wherein the first 
connection is permanently disabled after the loading process has been completed. 

16. (Cancelled) 

17. (Previously Presented) The identification card of claim 10 wherein: 

the card comprises an upper magnetic stripe region and a lower embossed region; 
the biometric sensor is a fingerprint sensor; and 

the security processor, the ISO SmartCard processor and the fingerprint sensor are 
all located in a middle region between the upper region and the lower region. 
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18. (Previously Presented) The identification card of claim 3 wherein the biometric data 
includes fingerprint data and the sensor is a fingerprint sensor which captures data from a 
user's finger placed on the sensor. 

19. (Currently Amended) The identification card of claim 1 Swh e r e in claim 18, further 
comprising: 

an indicator providing real-time feedback for finger placement is provid e d while 
the user is manipulating his or her finger over the fingerprint sensor, thereby facilitating 
an adequate optimal placement of the finger over the sensor. 

20. (Previously Presented) The identification card of claim 18 wherein the matching 
process utilizes a hybrid matching algorithm that takes into account both minutiae and 
overall spatial relationships in the captured biometric data. 

21. (Previously Presented) The identification card of claim 18 wherein the fingerprint 
sensor comprises a sheet of crystalline silicon supported by a backing plate. 

22. (Previously Presented) The identification card of claim 21 wherein the backing plate 
comprises a glass epoxy layer sandwiched between two metal layers. 

23. (Previously Presented) The identification card of claim 21 wherein the backing plate 
is reinforced by a carrier frame surrounding the sheet of silicon. 
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24. (Previously Presented) The identification card of claim 3 wherein the card further 
comprises means for restricting use of the card to a predetermined location. 

l 

25. (Currently Amended) The identification card of claim 3 wherein at least some of the 
captured biometric data and the reference data are transmitted to a separate authentication 
server for secure verification of a user's identity prior priori to any grant of on-line access 
to an application server for processing of secure financial transactions involving that user. 

26. (Currently Amended) The identification card of dainLL claim 25 wherein in 
response to a match request relating to a particular logon attempt at a particular 
application server which produces a positive match at the authentication server, a secure 
three-way authentication protocol is executed in which a challenge character sequence is 
sent from the authentication sever to the identification card as, the identification card then 
uses the challenge character sequence and the match request to generate a challenge 
response which it then forwards to the application server, the application server then 
forwards the challenge response to the authentication server, which then verifies whether 
the challenge response is valid. 

27. (Previously Presented) The identification card of claim 3 wherein the output from the 
card is used to obtain physical access into a secure area. 

28. (Previously Presented) The identification card of claim 27 wherein a record of 
successful and unsuccessful access attempts is maintained on the card. 
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29. (New) The identification card of claim 3 wherein said interface includes at least one 
of: 

an electrical contact interface; and 
a wireless communication interface. 

30. (New) An intelligent identification card comprising: 

an on-board sensor for capturing live biometric data; 

a first on-board processor coupled with said on-board sensor, said first on-board 
processor including a memory storing reference data, said first on-board processor 
comparing the captured biometric data with corresponding stored reference data within a 
predetermined threshold and generating a verification message only if there is a match 
within a predetermined threshold; 

a second on-board processor coupled with said first on-board processor, for 
executing intelligent card functions; and 

an interface coupled to either one of said first on-board processor and said second 
on-board processor, for communicating with an external network, the verification 
message being transmitted to the external network via said interface. 

31. (New) The identification card of claim 30, wherein said second on-board processor is 
an ISO SmartCard processor. 
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32. (New) The identification card of claim 31, wherein the first on-board processor is 
functionally separated from the ISO SmartCard processor by a firewall. 

33. (New) The identification card of claim 31, wherein all external data to and from the 
first on-board processor passes through the ISO SmartCard processor. 

34. (New) The identification card of claim 31, wherein all external data to and from the 
ISO SmartCard processor passes through the first on-board processor. 

35. (New) The identification card of claim 34, wherein the first on-board processor has a 
first connection used for loading data during a loading process and a second connection 
connected to an external network. 

36. (New) The identification card of claim 30, further comprising: 

an on-board location detector for determining current location of the identification 
card; and 

means for restricting use of the card based on the detected location. 

37. (New) The identification card of claim 36, wherein said on-board location detector 
includes: 

a Global Positioning Satellite (GPS) signal receiver. 
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38. (New) An intelligent identification card comprising: 

an on-board memory for storing reference data; 

an on-board fingerprint sensor for capturing fingerprint data; 

an indicator for providing real-time feedback for finger placement while the user 

» 

is manipulating his or her finger over the fingerprint sensor, thereby facilitating an 
adequate placement of the finger over the sensor; 

an on-board microprocessor for comparing the captured fingerprint data with 
corresponding stored reference data within a predetermined threshold and for generating 
a verification message only if there is a match within a predetermined threshold; and 

an interface for communicating the verification message to an external network. 

39. (New) A method for identifying a user of an intelligent identification card, the 
intelligent identification card including an on-board memory storing reference data and 
an on-board biometric sensor, said method comprising: 

capturing live biometric data using the on-board sensor; 

comparing the captured biometric data with corresponding reference data stored 
in the on-board memory within a predetermined threshold; 

generating a verification message only if there is a match within the 
predetermined threshold; and 

communicating the verification message to an external network, 

wherein the verification message includes at least excerpts from the stored 
reference data, and 
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wherein the verification message includes at least excerpts from the captured 
biometric data. 

40. (New) The method of claim 39, further comprising: 

transmitting the verification message to a remote authentication system for 
additional verification. 

41. (New) The method of claim 40, further comprising: 

storing in the remote authentication system reference data that is different from 
the reference data locally stored in the identification card. 

42. (New) The method of claim 40, wherein a matching algorithm used in the 
identification card is different from a matching algorithm used at the remote 
authentication system. 

43. (New) The method of claim 39, further comprising: 

transmitting at least some of the captured biometric data and the reference data to 
a separate authentication server for secure verification of a user's identity prior to any 
grant of on-line access to an application server for processing of secure financial 
transactions involving that user. 
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44. (New) The method of claim 39, further comprising: 

receiving a match request relating to a particular logon attempt at a particular 
application server; and 

executing, if a positive match is produced at an authentication server in response 
to the match request, a secure three-way authentication protocol, the authentication 
protocol including: 

sending a challenge character sequence from the authentication sever to 
the identification card; 

generating, at the identification card, a challenge response based on the 
challenge character sequence and the match request; 

forwarding the challenge response to the application server; 

forwarding the challenge response from the application server to the 
authentication server; and 

verifying, at the authentication server, whether the challenge response is 

valid. 

45. (New) A method for identifying a user of an intelligent identification card, the 
intelligent identification card including an on-board memory storing reference data, an 
on-board biometric sensor, a security processor, and an ISO card processor, said method 
comprising: 

capturing live biometric data using the on-board sensor; 
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comparing, using the security processor, the captured biometric data with 
corresponding reference data stored in the on-board memory within a predetermined 
threshold; 

■ 

generating, using the security processor, a verification message only if there is a 
match within the predetermined threshold; 

communicating the verification message to an external network via an interface; 

and 

allowing operation of the ISO card processor if the identity of the user is verified. 

46. (New) The method of claim 45, further comprising: 

loading data onto the security processor via a first connection during a loading 
process; and 

permanently disabling the first connection after the loading process has been 
completed. 

47. (New) The method of claim 45, wherein all external data to and from the ISO card 
processor passes through a second connection of the security processor. 

48. (New) The method of claim 45, wherein all external data to and from the security 
processor passes through the ISO card processor. 
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49. (New) The method of claim 45, wherein the biometric data includes fingerprint data 
and the sensor is a fingerprint sensor which captures data from a user f s finger placed on 
the sensor. 

50. (New) The method of claim 49, further comprising: 

providing real-time feedback for finger placement while the user is manipulating 
his or her finger over the fingerprint sensor, thereby facilitating an adequate placement of 
the finger over the sensor. 

51. (New) The method of claim 45, wherein the matching process utilizes a hybrid 
matching algorithm that takes into account both minutiae and overall spatial relationships 
in the captured biometric data. 

52. (New) A method for identifying identity of a user of an intelligent identification card, 
the intelligent identification card including an on-board memory storing reference data 
and an on-board fingerprint sensor, said method comprising: 

providing real-time feedback for finger placement while the user is manipulating 
his or her finger over the fingerprint sensor, thereby facilitating an adequate placement of 
the finger over the sensor; 

capturing live fingerprint data using the on-board fingerprint sensor; 

comparing the captured fingerprint data with corresponding reference data stored 
in the on-board memory within a predetermined threshold; 
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generating a verification message only if there is a match within the 
predetermined threshold; and 

communicating the verification message to an external network. 

53. (New) An apparatus for identifying a user of an intelligent identification card, the 
intelligent identification card including an on-board memory storing reference data and 
an on-board biometric sensor, said apparatus comprising: 

means for capturing live biometric data using the on-board sensor; 

means for comparing the captured biometric data with corresponding reference 
data stored in the on-board memory within a predetermined threshold; 

means for generating a verification message only if there is a match within the 
predetermined threshold; and 

means for communicating the verification message to an external network, 

wherein the verification message includes at least excerpts from the stored 
reference data, and 

wherein the verification message includes at least excerpts from the captured 
biometric data. 

54. (New) An apparatus for identifying a user of an intelligent identification card, the 
intelligent identification card including an on-board memory storing reference data, an 
on-board biometric sensor, a security processor, and an ISO card processor, said 
apparatus comprising: 

means for capturing live biometric data using the on-board sensor; 
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means for comparing, using the security processor, the captured biometric data 
with corresponding reference data stored in the on-board memory within a predetermined 
threshold; 

means for generating, using the security processor, a verification message only if 
there is a match within the predetermined threshold; 

means for communicating the verification message to an external network via an 
interface; and 

means for allowing operation of the ISO card processor if the identity of the user 
is verified. 

55. (New) An apparatus for identifying identity of a user of an intelligent identification 
card, the intelligent identification card including an on-board memory storing reference 
data and an on-board fingerprint sensor, said apparatus comprising: 

means for providing real-time feedback for finger placement while the user is 
manipulating his or her finger over the fingerprint sensor, thereby facilitating an adequate 
placement of the finger over the sensor; 

means for capturing live fingerprint data using the on-board fingerprint sensor; 

means for comparing the captured fingerprint data with corresponding reference 
data stored in the on-board memory within a predetermined threshold; 

means for generating a verification message only if there is a match within the 
predetermined threshold; and 

means for communicating the verification message to an external network. 
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